Introduction

In late June 2015, President Barack Obama’s controversial Trans-Pacific Partnership (TPP) successfully passed through Congress. It gives the president additional powers for six years and authorizes him to present trade deals to Congress for a vote on a specified timeline without lawmakers being able to amend the terms.[1] While there is still much debate in the United States with regard to the TPP’s benefits for the United States, China’s exclusion from the process is noteworthy given the geographical nature of the TPP and China’s own “One Belt, One Road” (OBOR) regional economic initiatives. Due to the secretive nature of the TPP, details governing the 29 chapters of the agreement remain unexamined. Given that the TPP aims to challenge China’s OBOR efforts, pro-Beijing interests can be expected to leverage cyber espionage to target TPP stakeholders during the negotiation process in an effort to gain sensitive information pertaining to the agreement, stakeholder positions, and future planning, for decision advantage.

The Trans-Pacific Partnership

Via the questionable and overly secret TPP, the U.S. looks to further its economic growth and the creation of jobs by increasing exports in a region whose economies represent almost 40% of the global gross domestic product, according to the Office of the U.S. Trade Representative.[2] Currently, the United States is negotiating with 11 governments, most of them located in the region. The goal of the TPP is to create a “free trade” zone, which if agreed to by stakeholders, will become the world’s largest trade deal.[3] The TPP sets the terms for trade between the participating members and includes several major areas where competition will undoubtedly increase.[4] Among some of the topics addressed are environmental, labor, and intellectual property standards; data flows; services; and state-owned businesses.[5]

While the TPP is billed as an “open architecture document” that could be easily adopted by additional Asian governments,[6] China is noticeably not among the nations engaged in these early discussions, which seems odd for one of the world’s top growing economies. Recent reports indicate China’s interest in joining the TPP;[7] however, signatories are expected to maintain high labor and environmental standards,[8] which China is not presently prepared to meet.[9] This likely is designed to pressure China to make certain reforms if it wants to gain access to the U.S. market.

China Has its Own Plans

Economic growth has been instrumental in promoting Chinese influence around the world, as well as making it possible to maintain double-digit defense spending levels. China’s goal of becoming a global leader economically and militarily must start at the regional level, which is why China looks to promote regional development through such economic initiatives as the OBOR and the Asian Infrastructure Investment Bank (AIIB).

The “One Belt One Road” initiatives—composed of the land Silk Road Economic belt and the 21st-Century Maritime Silk Road—are designed to create regional connectivity and a large free trade zone. The efforts will link Africa, Asia, and Europe together in a new offer in international order in which all participants gain clear advantages. Projects that have been approved include an upgrade of the Gwadar Port, as well as a new airport, roads, rail links, and resource pipelines.[10]

The China-backed and -led AIIB will focus on the development infrastructure projects and other productive sectors (e.g., energy, power, telecommunications) in Asia.[11] Notably, 50 governments recently backed the AIIB,[12] many of which are considered U.S. allies. At this time, two of them—India and South Korea—are not a part of the original 11-nation TPP. China provided 30% of the $100 billion operating capital for the AIIB and has 26% of the voting power,[13] which will greatly enhance China’s ability to influence regional economies to better support Beijing’s national interests

Taken collectively, these two ambitious economic initiatives can potentially make China an economic force in the region, providing counterbalance to U.S. and Western-led institutions (e.g., the World Bank and the International Monetary Fund).

The Type of Information China May Want

Despite the controversy surrounding its arcane content, the TPP is a prominent bilateral agreement whose participants can be expected to be targeted by cyber espionage actors, primarily ones suspected of being Chinese, based in China, or working on behalf of the Chinese government.

China has three primary national security objectives: sustaining regime survival, defending national sovereignty and territorial integrity, and establishing China as both a regional and national power.[14] China’s 12th Five Year Plan reflects overall goals and objectives of the government to promote economic industry growth and reform.[15]

The TPP threatens to stem China’s aspirations by targeting two areas Beijing considers national priorities: its continued economic growth and its emergence as the dominant regional influence. China’s exclusion from the TPP prohibits its ability to have a voice in how it operates. Many of the nations involved in TPP discussions are those that have maritime disputes with China and economic opportunities independent of China may bolster their resolve and weaken Chinese influence in settling them through non-violent means.

Further complicating matters is the secretive nature of the details contained in the TPP’s 29 chapters. Of the chapters being negotiated, only five address traditional trade issues intimating that the others such as the one dealing with expanding copyright and intellectual property protections and regulate the flow of information on the Internet[16] are focused on influencing government activities. In this context, the TPP can be viewed as an “important element in the U.S. rebalancing toward Asia,”[17] which China cautiously perceives as U.S. attempts of containment. The fact that half of the governments negotiating the TPP with the United States are those that are engaged in maritime disputes is not lost on Beijing, and only further bolsters these suspicions.

Gaining insight into what the TPP entails and the positions of its prospective signatories would be of great interest to China. As a result, it can be expected that key participants, as well as the organizations that they represent, would be highly desirable targets for exploitation purposes in order to aggregate as much sensitive information that pertains to the TPP and their respective government’s potential role.

Suspected Chinese cyber espionage has been well documented, and has been identified by the Director of National Intelligence as a “major threat.”[18] Moreover, there is a history of suspected Chinese actors targeting significant international events in order to collect intelligence for political and economic decision advantage. For example, in 2008, the presidential campaigns of Senators Barack Obama and John McCain were targeted in an effort to gain insight into policy positions.[19] In May 2013, suspected Chinese cyber actors conducted cyber espionage against G-20 institutions in the lead up to the G-20 summit.[20] In 2012, Coca-Cola was hacked by alleged Chinese actors for sensitive information pertaining to its potential purchase of China Huiyuan Juice Group, a deal that invariably fell through.[21]

Based on such anecdotal examples, and the importance of the TPP’s potential to disrupt China’s objectives, it is highly likely that some of the more sophisticated and reliable cyber actors will engage TPP stakeholders using tactics, techniques, and procedures (TTPs) that have yielded successful results in prior operations. Targeted spearphishing (the implementation of socially engineered e-mail messages with embedded malware in attachments) and watering-hole attacks (the attacker observes which websites the target group often uses and infects one or more of them with malware) have been favored vectors by suspected Chinese cyber actors. TPP stakeholders should understand this and prepare accordingly as TPP negotiations continue.

Conclusion

While the unnecessary secretive nature of the TPP agreement could be interpreted as an attempt to keep China from knowing what’s being discussed, some of the TPP’s questionable chapters give serious pause, as the public doesn’t have insight into all of the contents that will invariably affect them that are being discussed among the stakeholders. The mystery surrounding the agreement coupled with fast-track nature of trying to get it passed have attracted attention from more than the Chinese. For example, one controversial chapter of the draft agreement garnering much attention includes an investor-state dispute settlement clause that would allow firms to “sue” governments to obtain taxpayer compensation for loss of “expected future profits.”[22] Several other chapters also have disputed benefits. As a result, there has been substantial backlash toward the agreement from healthcare,[23] environmental,[24] and even bipartisan activists,[25] all rallying against the alleged merits of the TPP.

In a 2013 interview, President Obama acknowledged a government’s prerogative to engage in intelligence gathering, particularly with regards to acquiring information such as talking points[26] with a foreign government that might provide insight into espionage sponsor. If China is the pervasive orchestrator of global cyber espionage against private and public sector organizations, as many believe, the TPP presents a prime, opportune target for these efforts.

There have been many recent white papers regarding the role of cyber intelligence, how to do it, what it constitutes, and how customers should consume it. Terms such as “actionable,” “accurate,” “operational,” and “tailored” are shared by many of these reports. In a threat space where hostile activities can occur in nanoseconds, one word that is not frequently mentioned is “advanced or indications and warning.” The process includes forewarning of adversary actions or intentions, imminent hostilities, or attacks. While many tout the virtue of “knowing your enemy,” looking at the body of work and applying successful observed tactics and techniques to future developments is not being done. Understanding who they are, and perhaps more importantly, how they operate can better provide organizations the information to architect an appropriate security posture to mitigate this activity. TPP members have been warned.

Related

About the Author

Emilio Iasiello has been a cyber threat analyst for the past thirteen years working as a government contractor and a government civilian in the Department of State as well as the Department of Defense, as well as as well as private sector companies providing cyber intelligence to Fortune 100 clients. He has delivered cyber threat presentations to domestic and international audiences and has published extensively in peer-reviewed journals.